chore(repo): sync operator workspace (config, scripts, docs, multi-chain)
Add optional Cosmos/Engine-X/act-runner templates, CWUSDC/EI-matrix tooling, non-EVM route planner in multi-chain-execution (tests passing), token list and extraction updates, and documentation (MetaMask matrix, GRU/CWUSDC packets). Ignore institutional evidence tarballs/sha256 under reports/status. Validated with: bash scripts/verify/run-all-validation.sh --skip-genesis Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
defiQUG
73
scripts/deployment/probe-dev-vm-ssh.sh
Executable file
73
scripts/deployment/probe-dev-vm-ssh.sh
Executable file
@@ -0,0 +1,73 @@
|
||||
#!/usr/bin/env bash
|
||||
# Probe Dev VM SSH: LAN IP vs Cloudflare FQDN (tunnel + Access).
|
||||
# See: docs/04-configuration/DEV_VM_SSH_REMOTE_ACCESS.md
|
||||
#
|
||||
# Usage:
|
||||
# ./scripts/deployment/probe-dev-vm-ssh.sh
|
||||
# DEV_VM_USER=dev1 DEV_VM_FQDN=ssh.dev.d-bis.org ./scripts/deployment/probe-dev-vm-ssh.sh
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
|
||||
# shellcheck source=/dev/null
|
||||
source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true
|
||||
|
||||
USER_NAME="${DEV_VM_USER:-dev1}"
|
||||
IP="${IP_DEV_VM:-192.168.11.59}"
|
||||
FQDN="${DEV_VM_FQDN:-ssh.dev.d-bis.org}"
|
||||
|
||||
echo "=== Dev VM SSH probes (user=$USER_NAME) ==="
|
||||
echo ""
|
||||
|
||||
echo "1) LAN: BatchMode SSH to $IP"
|
||||
if ssh -o BatchMode=yes -o ConnectTimeout=8 -o StrictHostKeyChecking=accept-new "${USER_NAME}@${IP}" true 2>/dev/null; then
|
||||
echo " OK ${USER_NAME}@${IP}"
|
||||
else
|
||||
echo " FAIL ${USER_NAME}@${IP} (no route, firewall, or key not accepted)"
|
||||
fi
|
||||
echo ""
|
||||
|
||||
echo "2) DNS: $FQDN"
|
||||
if command -v dig >/dev/null 2>&1; then
|
||||
dig +short "$FQDN" A 2>/dev/null | head -3 | sed 's/^/ A: /' || true
|
||||
dig +short "$FQDN" AAAA 2>/dev/null | head -2 | sed 's/^/ AAAA: /' || true
|
||||
else
|
||||
echo " (dig not installed; skip)"
|
||||
fi
|
||||
echo ""
|
||||
|
||||
echo "3) Plain SSH to $FQDN:22 (usually FAILS behind Cloudflare — tunnel expects cloudflared client)"
|
||||
set +e
|
||||
out=$(ssh -4 -o BatchMode=yes -o ConnectTimeout=12 -o StrictHostKeyChecking=accept-new "${USER_NAME}@${FQDN}" true 2>&1)
|
||||
code=$?
|
||||
set -e
|
||||
if [[ "$code" -eq 0 ]]; then
|
||||
echo " OK (unexpected for CF tunnel host — you may be using port-forward / direct)"
|
||||
else
|
||||
echo " FAIL (expected for tunnel hostname): $out"
|
||||
fi
|
||||
echo ""
|
||||
|
||||
echo "4) FQDN via cloudflared access ssh (needs cloudflared on PATH + Access policy / service token)"
|
||||
PATH="$HOME/bin:$PATH"
|
||||
if command -v cloudflared >/dev/null 2>&1; then
|
||||
set +e
|
||||
out=$(ssh -o BatchMode=yes -o ConnectTimeout=25 \
|
||||
-o ProxyCommand="cloudflared access ssh --hostname %h" \
|
||||
-o StrictHostKeyChecking=accept-new \
|
||||
"${USER_NAME}@${FQDN}" true 2>&1)
|
||||
code=$?
|
||||
set -e
|
||||
if [[ "$code" -eq 0 ]]; then
|
||||
echo " OK ProxyCommand → ${USER_NAME}@${FQDN}"
|
||||
else
|
||||
echo " FAIL: $out"
|
||||
fi
|
||||
else
|
||||
echo " SKIP: cloudflared not in PATH"
|
||||
echo " Install: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/installation/"
|
||||
echo " Then set CF_ACCESS_CLIENT_ID / CF_ACCESS_CLIENT_SECRET if using service tokens (see DEV_VM_SSH_REMOTE_ACCESS.md)."
|
||||
fi
|
||||
echo ""
|
||||
echo "Done."
|
||||
Reference in New Issue
Block a user